The famous CVE-2018-12613 is a Local File Inclusion vulnerability that could be exploited in older phpMyAdmin versions (4.8.0, 4.8.0.1, 4.8.1).
After verifying the attacks, here’s how to defend effectively: phpmyadmin hacktricks verified
Once logged in, the attacker can:
An issue in the user profile page allows an authenticated user to execute arbitrary SQL commands via a crafted username, bypassing intended restrictions. 5. Hardening and Remediation Strategies The famous CVE-2018-12613 is a Local File Inclusion
Unprotected phpMyAdmin interface - Vulnerabilities - Acunetix 4.8.1). After verifying the attacks